OCCEAC Risk Partners: Islamic State

Greetings!

Prepared by the CyberWire (Friday, October 14, 2016) — The week has seen predictions within the US Intelligence Community borne out: as ISIS comes under more direct, effective, and lethal military pressure, its ability to mount information operations successfully appears to be on the decline. Not only do battlefield reverses undermine its story of being a divinely guided Caliphate, but as territory shrinks, so too does the stable infrastructure necessary for slick messaging. It's much harder to claim, credibly, that the Caliphate has been restored, and now offers its adherents justice, piety, stability, prosperity, and above all respect. This message is no longer received with the credulity it had earlier commanded, and increasingly appeals mostly to the marginalized and disaffected, those whom FBI Director Comey characterized recently as "screwed up individuals."

The effect kinetic operations seem to be having on the ISIS propaganda machine is in some respects surprising, since the barriers to an effective online presence are famously low, but it seems to be the case. (There's some confirmation of this as a general trend in the past two weeks' experience with Hurricane Matthew—threat researchers noticed a distinct drop in cybercriminals' distribution of malware from the US Southeast during the storm.)

Al Qaeda, formerly the varsity of jihad but now relegated to the J.V. squad, seeks to climb back to its former prominence with an online magazine aimed at inspiring Millennials. The appeal is "join the revolution," and much is made of the legacy of "Sheikh Osama." Al Qaeda confidently promises revenge for Osama bin Laden's death at the hands of US Special Operations Forces, but that revenge continues to be slow in coming. Al Qaeda is also beginning to face the kind of lethal opposition that's been so damaging to ISIS—Algerian forces took out some al Qaeda leaders operating in that country.

While the two principal jihadist organizations had a difficult week, it would be premature in the extreme to predict an early victory. For all the apparent retrenchment, online information operations remain more supple and robust than older modes of control. It would be a mistake to view ISIS' use of social media in particular as traditional command-and-control. Although it may on occasion function as such, its goals have instead been radicalization, recruitment, and inspiration, not tightly coupled command relationships. A Special Forces operator offers an account of how special operations forces can use cyberspace in furtherance of the classic counterinsurgency mission, a recognition that the old Special Forces "hearts and minds" aspirations may well find new expression in cyberspace.

ISIS cyber attack and defense technology remains more aspirational than real, but there are grounds for thinking this situation may not last. The Australian Cyber Security Centre (ACSC) reported this week that terrorists (they have ISIS principally in mind) could mount a successful large-scale cyber attack against that country within three years.

Were ISIS to gain that capability, it's likely it would acquire it from one of two sources: either a nation-state (possibly Russia, with whom US relations continue to deteriorate, and which has a long record of supporting deniable terrorist actors) or some set of criminal cartels (who operate a well-stocked souk of attack tools).

Investigation of ISIS-connected jihadists advances in several countries. So does pushback from privacy advocates and civil society generally over police and security forces' use of surveillance tools.

Selected Reading

Cyber Attacks, Emerging Threats, and New Vulnerabilities (16)

Marketplace (1)

Products, Services, and Solutions (1)

Technologies, Techniques, and Standards (1)

Legislation, Policy, and Regulation (4)

Litigation, Investigation, and Law Enforcement (9)

Cyber Attacks, Emerging Threats, and New Vulnerabilities

War Goes Viral (Atlantic) How social media is being weaponized across the world…

'Join the Revolution': Al-Qaeda Makes Populist Pitch to Millennials (PJ Media) Al-Qaeda is appealing to millennials with a cocktail of populism and Islam and directives to not admire grown "kids" in professional sports but "men... with their AK aimed at the enemy" -- and to follow the latter into jihad…

ISIS Media Output Drops as Military Pressure Rises, Report Says (New York Times) The vaunted propaganda operations of the Islamic State, which helped lure more than 30,000 foreign fighters to Syria and Iraq, have dropped off drastically as the extremist group has come under military pressure, according to a study by terrorism researchers at West Point…

Number of suicide attacks claimed by the Islamic State dipped in September (Long War Journal) The Islamic State’s Amaq News Agency claims that the group launched 53 “martyrdom operations” in Iraq and Syria during the month of September. The figure was first published on an Arabic infographic (seen above) that was released by Amaq on Oct. 6…

Algerian forces kill commander of Islamic State affiliate behind French murder: source (Reuters) Algerian soldiers have killed two Islamist militants including one who security sources said was a senior commander with an Islamic State-allied group that kidnapped and beheaded a French tourist two years ago…

Malware Levels Drop Dramatically During Hurricane Matthew (Enigma Software) As Hurricane Matthew surged up and down the southeastern United States, malware infections took a dive. It's a small but interesting example of how the hurricane disrupted people's everyday activities for a few days. Based on malware detections data from SpyHunter, ESG took a look at infections in the areas hardest hit by Matthew…

The State of US National Intelligence: Observations by the "Big Six": The Caliphate and the Terrorist Threat (The CyberWire) Schmitt turned to counterterrorism—ISIS seems to be shrinking on the ground. What are the implications of this for national security?…

How India-Pakistan hackers escalated cyber war post surgical strikes (Daily O) What if the Indian government supports these patriotic cyber security personnel?…

How France's TV5 was almost destroyed by 'Russian hackers' (BBC) A powerful cyber-attack came close to destroying a French TV network, its director-general has told the BBC…

TV5Monde was saved from airtime-KO hack by unplugging infected box (Register) French telly station boss spills les haricots on what happened…

TV5 Hack Revelations (Information Security Buzz) French TV network TV5Monde has revealed additional details about the cyber attack in April that took down all 12 of its channels…

How Hackers Plant False Flags to Hide Their Real Identities (Motherboard) During the first half of 2015, a mysterious hacking group allegedly started attacking military and government organizations in Peru in what looked like a routine—even run-of-the-mill—espionage campaign…

Funding Cybercrime: The Hidden Side of Online Gaming Currency Selling (TrendLabs Security Intelligence Blog) The online gaming industry has long been a big cybercriminal target. Year after year we see players being subjected to phishing attacks and account hacking, and game companies suffering attacks like DDoS and others. While these attacks occur outside of the games themselves, one of the threats we see is much closer to the gamers’ experience, and has a wide-reaching impact…

Darkweb marketplaces can get you more than just spam and phish (CSO) Underground markets offer a great variety of services for cyber criminals to profit from…

Companies Should Understand Where Cybercrime Thrives (Harvard Business Review) As global cybercrime increases, governments and businesses are struggling to keep up with the threats they are facing. Because of the changing and innovative methods of attack being used against them, it is of the utmost importance that they constantly refine their knowledge of the particular enemies they face…

Terrorists could launch a cyber attack within three years, report warns (Sydney Morning Herald) The government claims terrorists could be capable of launching a cyber attack on Australia "to destructive effect" within three years even though the threat of their capability is currently ranked as "low"…

Marketplace

Digital privacy campaign urges users to 'Dump Yahoo' (Christian Science Monitor Passcode) The tech advocacy group Fight for the Future is calling on Yahoo users to delete accounts after reports alleged the company let US officials scan millions of emails…

Products, Services, and Solutions

New phone app tracks forced disappearances in Egypt (Cortez Journal) Opponents of the Egyptian government seem to just vanish…

Technologies, Techniques, and Standards

Enterprises outsmarting themselves with security, while attackers easily use common techniques (CSO) Attackers use common techniques to steal data while companies focus too much on sophisticated attacks…

Legislation, Policy, and Regulation

Israel ready to assist India with a comprehensive and effective cyber security plan (Economic Times) Israel is ready to assist India with a comprehensive and effective cyber security plan to counter threats from industrial hackers as well as extremist groups, according to Col Ram Dor, noted cyber security expert from the West Asian nation…

Online First: U.S. Special Operations Forces in Cyberspace (Cyber Defense Review) Cyberspace is a human space, as dynamic and uncertain as human nature. No longer simply a technical abstraction or manmade domain unto itself, cyberspace is a growing facet of every-day life that increasingly cuts across all aspects of Special Operations…

The cold war past haunts our electronic future (Financial Times) Russians have always believed that the real value of cyber is psychological warfare and influence…

Crypto Wars: Why the Fight to Encrypt Rages On (PC Magazine) We talked to several experts in the field to help us understand the many facets of encryption…

Litigation, Investigation, and Law Enforcement

ISIS suspect charged with researching encryption, encrypting website (Help Net Security) A man from Cardiff, Wales, has been charged with six terrorism-related charges, including one that involves actions that are not usually considered illegal: researching encryption software, publishing instructions on how to use it, and encrypting a website…

German spy chief says Syrian suspect targeted Berlin airports (Reuters) The head of Germany's domestic intelligence agency (BfV) said a Syrian suspect arrested on Monday was building a bomb and probably planned to attack one of the airports in Berlin…

Terror suspect's locked iPhone could lead to a second Apple-FBI showdown (CSO) This is gonna keep happening…

Subpoena to Encrypted App Provider Highlights Overbroad FBI Requests for Information (Intercept) A recently revealed grand jury subpoena shows that the FBI is likely continuing to ask companies for more information than the law allows, according to technology and privacy attorneys interviewed by The Intercept…

Spain and Morocco Arrest ISIS-Linked Terror Cell (Asharq al-Awsat) Moroccan police, in cooperation with Spanish security forces, have arrested a terrorist network suspected of links to ISIS, the Spanish Interior Ministry said on Wednesday…

Counter-terrorism police arrest schoolboys in Sydney (News.com) One of two schoolboys arrested yesterday as they were allegedly preparing to behead someone in Sydney’s southwest is related to a convicted terrorist…

UK Police Bought Privacy Invading Phone Snooping Tech – Report (Infosecurity Magazine) Rights groups are up in arms after it emerged several UK police forces have purchased controversial mobile phone snooping technology notorious for enabling indiscriminate surveillance…

Twitter, Facebook revoke access to social media surveillance software used by cops (Help Net Security) Geofeedia, a US-based company that offers its social media aggregation platform “to a broad range of private and public sector clients”, also numbers among its clients over 500 law enforcement and public safety agencies across the country…

Google Handles Record Number of Government Requests for Data (Threatpost) Google fielded a record number of government requests for user data during the first half of 2016, according to its updated Transparency Report…

 
OCCEAC Risk Partners
Compiled and published by the CyberWire editorial staff. Views and assertions in linked articles are those of the authors, not the CyberWire or the OCCEAC Risk Partners.